On May 25, 2018 the EU General Data Protection Regulation (GDPR) became enforceable, bringing new global data protection rights for individuals in the European Union. Pattyrn wholeheartedly supports the privacy rights of its customers and their users.
In addition to its commitment to GDPR, Pattyrn is complies under both the EU-U.S. Privacy Shield Framework. Pattyrn offers a data processing agreement (DPA) for customers processing information on behalf of EU citizens.
As we all work to understand and apply GDPR concepts to our own businesses, we’ve created the below outline to keep you informed of our efforts.
What steps have we taken to comply with GDPR?
- Consult with internal and external counsel to understand legal interpretations of the GDPR requirements
- Perform a Data Protection Impact Assessment as a security review to determine compliance with GDPR security requirements and industry best standards
- Using our research and model, we’ve executed the product roadmap necessary to allow Pattyrn as Controller and Pattyrn as Processor to become compliant with GDPR.
- Based on our research, we’ve developed our working interpretative model as a reference and guide for internal processes.
- While we have completed an initial set of product changes related to GDPR, we will continually be evaluating and adding new security and privacy functionality in Pattyrn
As a customer of Pattyrn, you are a data controller and Pattyrn is acting as your data processor for your users. In this respect, you’ll want to take the following steps:
- Perform your own research, modeling, vendor audit, and strategy steps at your company to ensure you understand GDPR as it applies to your business.
- Watch for updates from Pattyrn related to product functionality or T&C changes.